From: duna.oh <duna.oh@samsung.com>
Date: Mon, 30 Sep 2024 09:00:19 +0000 (+0900)
Subject: Use secure_getenv when available to fix untrusted source issue
X-Git-Tag: accepted/tizen/unified/20250205.095548~2
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=c2a06da1373ea737dc6dd037ea502c7fa4406ffd;p=platform%2Fupstream%2Flibinput.git

Use secure_getenv when available to fix untrusted source issue

Change-Id: I8c0fb08450eee9a0895fbf2437c2dd525075ef2f
---

diff --git a/meson.build b/meson.build
index 2c592f3a..ff3ee824 100644
--- a/meson.build
+++ b/meson.build
@@ -193,6 +193,16 @@ if cc.has_function('input_set_default_property', dependencies : dep_udev)
 	config_h.set10('HAVE_INPUT_SET_DEFAULT_PROPERTY', 1)
 endif
 
+############ check setcure_getenv function  ############
+
+if cc.has_header_symbol('stdlib.h', 'secure_getenv', prefix: prefix)
+	config_h.set('HAVE_SECURE_GETENV', 1)
+elif cc.has_header_symbol('stdlib.h', '__secure_getenv', prefix: prefix)
+	config_h.set('HAVE___SECURE_GETENV', 1)
+else
+	message('C library does not support secure_getenv, using getenv instead')
+endif
+
 ############ udev bits ############
 
 if get_option('udev-enable')
diff --git a/src/evdev.c b/src/evdev.c
index fb1f5669..efb81fac 100644
--- a/src/evdev.c
+++ b/src/evdev.c
@@ -2057,7 +2057,7 @@ evdev_configure_device(struct evdev_device *device)
 	}
 
 	if (udev_tags & EVDEV_UDEV_TAG_JOYSTICK) {
-		env = getenv("LIBINPUT_IGNORE_JOYSTICK");
+		env = secure_getenv("LIBINPUT_IGNORE_JOYSTICK");
 		if (env && atoi(env) == 1) {
 			evdev_log_info(device,
 				 "input device '%s' have joystick, ignoring\n",
@@ -2452,7 +2452,7 @@ udev_device_should_be_ignored(struct udev_device *udev_device)
 	if (value && !streq(value, "0")) return true;
 
 	// for TIZEN, add checking if joystick should be ignored or not.
-	env = getenv("LIBINPUT_IGNORE_JOYSTICK");
+	env = secure_getenv("LIBINPUT_IGNORE_JOYSTICK");
 	if (env && atoi(env) == 1) {
 		value = udev_device_get_property_value(udev_device,
 						       "ID_INPUT_JOYSTICK");
diff --git a/src/libinput-private.h b/src/libinput-private.h
index 451b3b6f..8d4af63a 100644
--- a/src/libinput-private.h
+++ b/src/libinput-private.h
@@ -57,6 +57,14 @@
 #define TRACE_INPUT_END()
 #endif
 
+#if defined(HAVE_SECURE_GETENV)
+# define secure_getenv secure_getenv
+#elif defined(HAVE___SECURE_GETENV)
+# define secure_getenv __secure_getenv
+#else
+# define secure_getenv getenv
+#endif
+
 struct libinput_source;
 
 /* A coordinate pair in device coordinates */
diff --git a/src/libinput.c b/src/libinput.c
index 66f517e0..524d36ff 100644
--- a/src/libinput.c
+++ b/src/libinput.c
@@ -2355,7 +2355,7 @@ close_restricted(struct libinput *libinput, int fd)
 bool
 ignore_litest_test_suite_device(struct udev_device *device)
 {
-	if (!getenv("LIBINPUT_RUNNING_TEST_SUITE") &&
+	if (!secure_getenv("LIBINPUT_RUNNING_TEST_SUITE") &&
 	    udev_device_get_property_value(device, "LIBINPUT_TEST_DEVICE"))
 		return true;